Credit and debit card rules are changing from October 1: How will it affect you? Click here to know!


The rules for online payments for debit and credit cards will change from October 1, 2022, as the Reserve Bank of India's (RBI) card-on-file (CoF) token rules come into force.

The new rules are expected to improve the payment experience and help cardholders avoid online fraud. The deadline for RBI's new token guidelines was to come into effect from July 1 but was extended to September 30.


What are the new rules for credit and debit cards?

In 2021, the central bank prohibited merchant sites from storing customers' card details (card number, expiration date) and mandated the adoption of tokens because the availability of card details with multiple entities could lead to card data theft or misuse. The risk of getting it increases.

What is tokenization?

Tokenization is the process of converting sensitive data into 'non-sensitive' data called tokenization. These tokens convert a debit or credit card holder's 16-digit account number into a digital credential that cannot be stolen or reused. Your card data is now replaced with this token. When card details are saved in an encrypted way, the risk of fraud or tampered data is minimized.

So far 195 crore tokens have been issued. And most of the large merchants have already complied with RBI's card-on-file (COF) tokenization norms.


How will this affect customers?

A shopkeeper has to provide their full card details when they buy something. Once customers start buying an item, the merchant will initiate tokenization and ask for consent to tokenize the card. Once consent is given, the merchant card will send the request to the network.

The card network will create a token, which will act as a proxy for the 16-digit card number and send it back to the merchant. The merchant will save this token for future transactions. Now they have to enter CVV and OTP as before to give approval.